PT-2025-3028 · Apple · Ipados+1

Bistrit Dahal

Published

2025-01-15

Updated

2025-01-16

CVE-2024-54470

CVSS v3.1

4.6

Medium

Vector

AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions iOS versions prior to 18.1 iOS versions prior to 17.7.1 iPadOS versions prior to 18.1 iPadOS versions prior to 17.7.1

Description A logic issue was addressed with improved checks, allowing an attacker with physical access to potentially access contacts from the lock screen.

Recommendations For iOS versions prior to 18.1, update to iOS 18.1 to resolve the issue. For iOS versions prior to 17.7.1, update to iOS 17.7.1 to resolve the issue. For iPadOS versions prior to 18.1, update to iPadOS 18.1 to resolve the issue. For iPadOS versions prior to 17.7.1, update to iPadOS 17.7.1 to resolve the issue.

Fix

Missing Authorization

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-862

Related Identifiers

CVE-2024-54470

Affected Products

Ios

Ipados

PT-2025-3028 · Apple · Ipados+1

CVE-2024-54470

Weakness Enumeration

Related Identifiers

Affected Products

References · 7